This content requires Adobe Flash Player version
or later.
Either you do not have Adobe Flash Player installed,
or your version is too old,
or there is a problem with your Flash installation and we were unable to detect it.

Three things healthcare CIOs should know about data warehouses By Larry Grandia

For the past decade or so, healthcare technology has taken off on a breathtaking sprint to integrate electronic health records and automate essential operational infor- mation systems. Today, the goal for most health system CIOs is to produce an ana- lytics capability that will ensure survival in the new healthcare reform environment, including value-based purchasing. In the race of IT initiatives, it’s easy

to lose sight of priorities. Building an enterprise-wide analytics platform should be one of these priorities. It will be a challenge for healthcare CIOs, but it’s a challenge organizations can meet with the aid of a data warehouse. Here are three things CIOs should know about data warehouses and the imperative that technology brings: 1. BI/data analytics will be one of, if not the most, compelling IT initiatives in healthcare during the coming decade. Get- ting started now on a foundational platform will be critical to getting out and staying out in front of this emerging, critical business imperative.

CIOs implement an enterprise data warehouse (EDW). An EDW minimizes redundancy and isolates reporting to a single source of truth.

3. Achieving early ROI necessitates a late-binding (highly fl exible) data warehousing environment, coupled with a “cleanse your data as you go” operating philosophy. Early ROI will ensure on-going organizational support for the EDW and will facilitate organizational compliance to an enterprise-centric solution. While CIO at Intermountain Healthcare for more than two decades, I witnessed the automation of a remarkable number of systems and processes. I also realized the need for a fl exible EDW fed by operational systems and coupled with advanced analytical tools. T is analytics approach yielded insights and allowed us to harvest improvement knowledge. Sharing this knowledge system-wide with clinicians and management, and imbedding this knowledge back into operational systems, took us down a path of real and documented cost, quality and access improvement. While healthcare technology and the analytics imperatives of

healthcare reform advance into the future, CIOs with the foresight to start their data warehouse initiatives sooner, rather than later, will position their healthcare organizations for a successful, effi cient transition to value-based care. Larry Grandia led IT functions for Intermountain Healthcare, Inc.

for more than two decades and was Chief Technology Offi cer of Premier, Inc. before his retirement in 2011. He currently serves on the Board of Directors of Health Catalyst.

errors such as sending an email to the wrong person; crimeware (various malware aimed at gaining control of systems); insider/ privilege misuse; physical theft/loss; Web app attacks; denial of service attacks; cyber espionage; point-of-sale intrusions; and pay- ment card skimmers. In the healthcare sector, 46 percent of security incidents were the

result of lost or stolen assets, with physical theft and loss of assets occurring most often in the offi ce – not from personal vehicles or homes. Insider misuse was the second-biggest threat. Other key fi ndings in the report include:

• Cyber espionage is up again in the 2014 report, representing a more than three-fold increase compared with the 2013 report, with 511 incidents. (T is is partially due to a bigger dataset.) In addition, these attacks were found to be the most complex and diverse, with a long list of threat patterns. As it did last year, China still leads as the site of the most cyber espionage activity; but the other regions of the world are represented, including Eastern Europe with more than 20 percent.

• For the fi rst time, the report examines distributed denial of service (DDoS) attacks, which are attacks intended to com- promise the availability of networks and systems so that,

22 June 2014

for example, a website is rendered useless. T ey are common to the fi nancial services, retail, profes- sional, information and public sector industries. T e report points out that DDoS attacks have grown stronger year over year for the past three years.

• The use of stolen and/ or misused credentials (user name/passwords) continues to be the No. 1 way to gain access to information. Two out of three breaches exploit weak or stolen passwords, making a case for strong two-factor authentication.

• While external attacks still outweigh insider attacks, insider attacks are up, especially with regard to stolen intellectual property. T e report points out that 85 percent of insider and privilege-abuse attacks used the corporate LAN, and 22 percent took advantage of physical access.

Verizon analyzed more than 63,000 security incidents and more than 1,300 confi rmed breaches in 2013 to compile this year’s report. Get the full report at www.verizonenterprise.com/DBIR/2014/.